docker with openSUSE 13.2 小記 - 映像檔管理
今天持續練習 docker with openSUSE 13.2
昨天有注意到使用者要加入到 docker 的群組, 如果沒有加入到 docker 群組會發生哪些影響呢?
首先觀察群組, 目前沒有被加入 docker 群組
> id
uid=1000(max) gid=100(users) groups=100(users)
嘗試以 max 身份列出 image
> docker images
Get http:///var/run/docker.sock/v1.19/images/json: dial unix /var/run/docker.sock: permission denied. Are you trying to connect to a TLS-enabled daemon without TLS?
當然是可以用 sudo 來進行啦.... ( 但是你就會被問 root’s password )
> sudo docker images
root's password:
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu 12.04 57bca5139a13 12 days ago 134.8 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
還沒加入使用者之前觀察一下 docker 群組
> sudo grep docker /etc/group
docker:x:482:
利用 gpasswd 加入 max 到 docker 群組 ( 下次登入才生效 )
> sudo gpasswd -a max docker
正在將使用者“max”加入到“docker”群組中
再次觀察 docker 群組
> sudo grep docker /etc/group
docker:x:482:max
登出 shell
>exit
重新登入 shell
> id
uid=1000(max) gid=100(users) groups=100(users),482(docker)
再次執行 docker images 觀察
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu 12.04 57bca5139a13 12 days ago 134.8 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
所以小結就是非 root 使用者要直接使用 docker 指令就要加入 docker 群組 ^^
映像檔管理
練習教材裏面, 提到映像檔管理, 但是有些內容沒有進一步解釋, 所以就上去找了一下官方文件
官方文件 Docker user guide
首先對之前下的指令進行解釋
> sudo docker run --rm -i -t opensuse /bin/bash
可以使用 >docker run --help 來查詢
不過正確來說應該要連同 TAG 一起下才是正確的( 如果沒有指定 TAG, 預設為 latest )
> docker run -i -t --rm opensuse:latest /bin/bash
查詢映像檔
方式 1 上網搜尋
例如 搜尋 opensuse
點進想抓的Repositories
這邊可以看到 docker pull 指令還有 Dockerfile 相關資訊
方式 2 使用指令
使用 docker search 來搜尋
> docker search opensuse
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
opensuse This project contains the stable releases ... 49 [OK]
hachque/opensuse A base openSUSE 13.1 image, built from Sus... 2
druonysus/opensuse-base-minion 2 [OK]
novacoast/opensuse-apache 2 [OK]
取得映像檔到本機
使用 指令還有 Web 方式的差異是
在 Web 上面, 我們可以看到 images的 TAG, 但是 指令沒有看到
練習取得映像檔
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
使用 docker pull 來下載 image
> docker pull opensuse:13.2
13.2: Pulling from opensuse
5b8dd08af89b: Already exists
d6b241b32a2d: Already exists
Digest: sha256:b9ebaf54a450bcd400bcafea93b53aa3debcc787df7805a5a7e2d0db3457163f
Status: Downloaded newer image for opensuse:13.2
利用 docker images 來比對, 比對 IMAGE ID 就會知道 latest 與 13.2 是相同的
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
接下來的練習配合 docker 官方文件
建立 docker 映像檔
方式 1 修改現有的映像檔
下載 training/sinatra Repository映像檔 ( 可以注意到下載了所有 TAG 的映像檔, 從 training/sinatra )
> docker pull training/sinatra
Pulling repository training/sinatra
f0f4ab557f95: Download complete
511136ea3c5a: Download complete
3e76c0a80540: Download complete
be88c4c27e80: Download complete
bfab314f3b76: Download complete
e809f156dc98: Download complete
ce80548340bb: Download complete
79e6bf39f993: Download complete
Status: Downloaded newer image for training/sinatra:latest
觀察 images
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
執行之前先列出目前執行的 Container
docker ps 可以列出 container
> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
執行 docker image 到 container ( 這次不加上 --rm, 也就是說 exit 之後不刪除 )
> docker run -i -t training/sinatra /bin/bash
root@6764848c94c4:/#
輸入 exit 離開 container
root@6764848c94c4:/# exit
exit
再次觀察 container
> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6764848c94c4 training/sinatra "/bin/bash" 2 minutes ago Exited (0) 36 seconds ago elegant_lalande
跟上面比對就會發現, 剛剛登入 shell 的時候 root@後面那串就是 container ID
再次執行一個新的 container
> docker run -i -t training/sinatra /bin/bash
root@ddc3cdc142f3:/#
這邊就會發現 container ID 是不一樣, 因為是另外一個
我們基於這個來修改成我們的映像檔
安裝 json 套件來作出差異
root@ddc3cdc142f3:/# gem install json
Fetching: json-1.8.3.gem (100%)
Building native extensions. This could take a while...
Successfully installed json-1.8.3
1 gem installed
Installing ri documentation for json-1.8.3...
Installing RDoc documentation for json-1.8.3...
離開 container
root@ddc3cdc142f3:/# exit
exit
這樣這個映像檔就跟之前不一樣了
接下來透過 docker commit 來建立新的
> docker commit -m "Add json" -a "sakana" ddc3cdc142f3 testrepo/testimage:vTEST
220501802d62b8aca6ed82aad9ea99c2dc9a12d195638b6bdf47f20aa8e92860
commit 提交一個新的 image
-m 訊息Commit message
-a 作者 Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
ddc3cdc142f3 是container ID
testrepo/testimage:vTEST 是 Repository名稱/映像檔名稱:TAG
觀察 images
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
testrepo/testimage vTEST 220501802d62 5 minutes ago 452.1 MB
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
這個時候就會知道, 如果我們日後不上傳到 Docker Hub, 其實 Repository名稱是可以自己取的, 沒有影響, 但是如果要上傳, 就是要註冊 Docker Hub的帳號, 符合上面的規則才可以.
嘗試使用剛剛建立的映像檔來執行
> docker run -t -i testrepo/testimage:vTEST /bin/bash
root@acfed6e70946:/#
輸入 exit 離開
root@acfed6e70946:/# exit
exit
方式 2 使用 Dockerfile 建立映像檔
我們可以透過 docker build 配合 Dockerfile 來建立映像檔
首先觀察目前的路徑
> pwd
/home/max
建立目錄
> mkdir sakana
進入該目錄
> cd sakana/
建立 Dockerfile
> vi Dockerfile
# 用於註解
# 後續的流程, 前面都要大寫
# FROM 基於那個 image
FROM ubuntu:14.04
# MAINTAINER 維護作者
MAINTAINER Max Huang < sakana@study-area.org >
# RUN 要執行的指令
RUN apt-get update && apt-get install -y ruby ruby-dev
RUN gem install sinatra
> docker build -t sakanatest/testimage /home/max/sakana
Sending build context to Docker daemon 2.048 kB
Sending build context to Docker daemon
Step 0 : FROM ubuntu:14.04
14.04: Pulling from ubuntu
d3a1f33e8a5a: Pull complete
c22013c84729: Pull complete
d74508fb6632: Pull complete
91e54dfb1179: Already exists
ubuntu:14.04: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:7a846cdca616c384ac1c5e3a91d0ea22c89a5c456f60d4d60734715c4e2df9ae
Status: Downloaded newer image for ubuntu:14.04
---> 91e54dfb1179
Step 1 : MAINTAINER Max Huang < sakana@study-area.org >
---> Running in b59ea0a80376
---> adbe1f761471
Removing intermediate container b59ea0a80376
Step 2 : RUN apt-get update && apt-get install -y ruby ruby-dev
Removing intermediate container 833999aeaa6a
Successfully built dd38d73f4e20
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
sakanatest/testimage latest dd38d73f4e20 2 minutes ago 318.7 MB
testrepo/testimage vTEST 220501802d62 37 minutes ago 452.1 MB
ubuntu 14.04 91e54dfb1179 13 days ago 188.3 MB
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
可以觀察 image ID
官方文件有提到其他 Dockerfile 的做法( ADD / EXPOSE / CMD ), 但是後面還會提到就先不說
設定映像檔 TAG
可以透過 docker tag 來設定 映像檔的 TAG
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
sakanatest/testimage latest dd38d73f4e20 2 minutes ago 318.7 MB
testrepo/testimage vTEST 220501802d62 37 minutes ago 452.1 MB
ubuntu 14.04 91e54dfb1179 13 days ago 188.3 MB
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
> docker tag dd38d73f4e20 sakanatest/testimage:tagTest
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
sakanatest/testimage latest dd38d73f4e20 8 minutes ago 318.7 MB
sakanatest/testimage tagTest dd38d73f4e20 8 minutes ago 318.7 MB
testrepo/testimage vTEST 220501802d62 43 minutes ago 452.1 MB
ubuntu 14.04 91e54dfb1179 13 days ago 188.3 MB
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
上傳映像檔到 Docker Hub
由於使用 docker push 上傳要註冊帳號, 所以就先不做
移除映像檔
如果要移除映像檔, 必須沒有作用中的 container 才可以移除
先觀察 container
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acfed6e70946 testrepo/testimage:vTEST "/bin/bash" About an hour ago Exited (0) About an hour ago furious_pare
ddc3cdc142f3 training/sinatra "/bin/bash" About an hour ago Exited (0) About an hour ago serene_tesla
6764848c94c4 training/sinatra "/bin/bash" About an hour ago Exited (0) About an hour ago elegant_lalande
觀察映像檔
這邊可以觀察到 sakanatest/testimage 沒有container使用中
testrepo/testimage 以及 trainging/sinatra 有 container 使用中
> docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
sakanatest/testimage latest dd38d73f4e20 About an hour ago 318.7 MB
sakanatest/testimage tagTest dd38d73f4e20 About an hour ago 318.7 MB
testrepo/testimage vTEST 220501802d62 About an hour ago 452.1 MB
ubuntu 14.04 91e54dfb1179 13 days ago 188.3 MB
ubuntu 12.04 57bca5139a13 13 days ago 134.8 MB
opensuse 13.2 d6b241b32a2d 5 weeks ago 93.99 MB
opensuse latest d6b241b32a2d 5 weeks ago 93.99 MB
training/sinatra latest f0f4ab557f95 15 months ago 447 MB
我們可以使用 docker rmi 來移除 沒有 container 使用中的 image
首先針對沒有 container 運作的 sakanatest/testimage 來刪除
> docker rmi sakanatest/testimage:tagTest
Untagged: sakanatest/testimage:tagTest
Deleted: dd38d73f4e2021c81c52530e99eb1cb98f87b9031d50c6342e7d47b8302f78a7
Deleted: b987f587ddb48e0006250cc77835530f605c32647d5cbe0432ea8a5fd3769017
Deleted: adbe1f76147105dc554a86f026dab8fa8b2019892bfb5d10cfe9e3df5bafa9b9
刪除不會有問題, 使用 docker rmi 刪除所有 sakanatest/testimage 上面 image
接下來嘗試刪除 有 container 執行的 image
> docker rmi testrepo/testimage:vTEST
Error response from daemon: Conflict, cannot delete 220501802d62 because the container acfed6e70946 is using it, use -f to force
Error: failed to remove images: [testrepo/testimage:vTEST]
果然是要刪除 container 才能刪除 image
再觀察一次
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acfed6e70946 testrepo/testimage:vTEST "/bin/bash" About an hour ago Exited (0) About an hour ago furious_pare
ddc3cdc142f3 training/sinatra "/bin/bash" About an hour ago Exited (0) About an hour ago serene_tesla
6764848c94c4 training/sinatra "/bin/bash" 2 hours ago Exited (0) 2 hours ago elegant_lalande
移除 container 可以使用 docker rm 指令來完成
> docker rm acfed6e70946
acfed6e70946
確認已經刪除
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddc3cdc142f3 training/sinatra "/bin/bash" 2 hours ago Exited (0) 2 hours ago serene_tesla
6764848c94c4 training/sinatra "/bin/bash" 2 hours ago Exited (0) 2 hours ago elegant_lalande
刪除 image testrepo/testimage:vTEST
> docker rmi testrepo/testimage:vTEST
Untagged: testrepo/testimage:vTEST
Deleted: 220501802d62b8aca6ed82aad9ea99c2dc9a12d195638b6bdf47f20aa8e92860
接下來剩下一個 image 要刪除, 可是他有 2 個 container 在執行
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddc3cdc142f3 training/sinatra "/bin/bash" 2 hours ago Exited (0) 2 hours ago serene_tesla
6764848c94c4 training/sinatra "/bin/bash" 2 hours ago Exited (0) 2 hours ago elegant_lalande
所以就把腦筋動到一次刪除所有的 container
docker ps 指令加上 -q 只會列出 container ID
> docker ps -a -q
ddc3cdc142f3
6764848c94c4
但是做這件事的時候要三思而後行
> docker rm $( docker ps -a -q )
ddc3cdc142f3
6764848c94c4
> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
刪除完練習用 image, 本日收工
> docker rmi training/sinatra:latest
Untagged: training/sinatra:latest
Deleted: f0f4ab557f954f3e04177663a3af90e88641bcdcce1f02ac900dbd9768ef4945
Deleted: 79e6bf39f99322cc062a79bec4a09de0dd19cb7f5f735b4b6b7832c04b13bb45
Deleted: ce80548340bb03726d391bb8fa4d134f8418c2fff90be9a7323560debdea9bd2
Deleted: e809f156dc985e07105fdc86ec05eb03eb7aac8636dc210e8595d31b55787f4a
Deleted: bfab314f3b766eddf9778f8dce089f44e84ea028f4a44ce68740dce81a844ec8
Deleted: be88c4c27e80023b6aea82f0f2e15fb21c6f4193fe814e5b58010d356dd7846b
Deleted: 3e76c0a80540a0d36493ae7110796fc92f559a191454e3ac19c1d4c650bdd9e0
Deleted: 511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158
~ enjoy it